User Manual
Network Security Controls
Intended Operational Environments
2
48 | 85
A6V11646120_enUS_b_40
Deployment Diagram
Figure 13: Remote Web Server Deployment Scenario
Settings Reference
For reference, see Web Application Procedures in the Desigo CC online help.
2.2.4 Client/Server with Internet Access
Intended Use Case
This is the configuration choice for the cases where multiple installed clients,
connected through a dedicated or shared LAN are required, but web connectivity is
also required to allow remote access through a Desigo CC web client or provide
remote connectivity to an external application through the web services.
The Desigo CC server, history database service, web server and the first installed
client are deployed on the same hardware platform, which can be physical or virtual.
Field networks are connected directly to the Desigo CC server.
FEP can be used to better balance the communication load or to better adapt to the
distribution of the field systems. A typical case for FEP usage would be a system with
multiple remote sites and one central control location.
Installed and remote Windows App clients are connected through the system LAN to
the server.
The size of the field system and the number of clients that can be supported by this
configuration depend on the server hardware configuration.
For systems with Internet access additional support for networks and IT security is
available:
● Support of Windows domains and Active Directory
● Support of network policies
● Firewall/DMZ support
Root Certificate (.cer file) in TRCA
Client/FEP Host Certificate In Personal
Rights on the Host Certificate to the Client/
FEP logged-in operating system user
Client/FEP with Installed Client
Root Certificate (.cer file) in TRCA
Server Host Certificate (.pfx file) in Personal
Client/FEP Host Certificate (.pfx + .cer files)
Management System Server
with Installed Client,
Microsoft SQL Server
1. Root Certificate (.cer) file
2. Client/FEP Host Certificte
(.pfx) file
Client/Server Communication
Mode = Secured